[jira] Closed: (MNG-4928) mvn --encrypt-master-password is insecure

Brett Porter (JIRA) Wed, 08 Dec 2010 04:49:34 -0800

     [ 
http://jira.codehaus.org/browse/MNG-4928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Brett Porter closed MNG-4928.
-----------------------------

    Resolution: Duplicate
      Assignee: Brett Porter

> mvn --encrypt-master-password is insecure
> -----------------------------------------
>
>                 Key: MNG-4928
>                 URL: http://jira.codehaus.org/browse/MNG-4928
>             Project: Maven 2 & 3
>          Issue Type: Bug
>          Components: Command Line
>    Affects Versions: 2.2.1, 3.0, 3.0.1
>            Reporter: Greg Wilkins
>            Assignee: Brett Porter
>
> gr...@brick: ~
> [506] mvn --encrypt-master-password something-very-very-secret
> {zfC2klZItekHCPGwE+R0JZ2+RjyDlqxP343ThV0R3B5taWEHbI5t+QGfXOZ0mq9j}
> gr...@brick: ~
> [507] history 2
>   506  mvn --encrypt-master-password something-very-very-secret
>   507  history 2
> commands that take passwords should not accept them from the command line, as 
> they are then visible in history and even in some PS output. They should 
> prompt for passwords with echo turned off.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: 
http://jira.codehaus.org/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira

[jira] Closed: (MNG-4928) mvn --encrypt-master-password is insecure

Reply via email to